TY - JOUR ID - 91592 TI - Anomaly Detection Using SVM as Classifier and Decision Tree for Optimizing Feature Vectors JO - The ISC International Journal of Information Security JA - ISECURE LA - en SN - 2008-2045 AU - Serkani, Elham AU - Gharaee Garakani, Hossein AU - Mohammadzadeh, Naser AD - Department of Computer Engineering, Shahed University, Tehran, Iran AD - Network, ITRC Y1 - 2019 PY - 2019 VL - 11 IS - 2 SP - 159 EP - 171 KW - Intrusion Detection KW - Feature selection KW - Support Vector Machines KW - decision tree DO - 10.22042/isecure.2019.164980.448 N2 - Abstract- With the advancement and development of computer network technologies, the way for intruders has become smoother; therefore, to detect threats and attacks, the importance of intrusion detection systems (IDS) as one of the key elements of security is increasing. One of the challenges of intrusion detection systems is managing of the large amount of network traffic features. Removing unnecessary features is a solution to this problem. Using machine learning methods is one of the best ways to design an intrusion detection system. Focusing on this issue, in this paper, we propose a hybrid intrusion detection system using the decision tree and support vector machine (SVM) approaches. In our method, the feature selection is initially done by the C5.0 decision tree pruning, and then the features with the least predictor importance value are removed. After removing each feature, the least square support vector machine (LS-SVM) is applied. The set of features having the highest surface area under the Receiver Operating Characteristic (ROC) curve for LS-SVM are considered as final features. The experimental results on two KDD Cup 99 and UNSW-NB15 data sets show that the proposed approach improves true positive and false positive criteria and accuracy compared to the best prior work. UR - https://www.isecure-journal.com/article_91592.html L1 - https://www.isecure-journal.com/article_91592_e825e0139e75d44a6b543ad437c18379.pdf ER -